The key is not evidence. They can destroy it as long as they haven't been ordered not to. Also, it is not obstruction of justice, just contempt of court. Move it physically outside the jurisdiction and destroy it, it's simply beyond the court's jurisdiction. As for conspiracy, prove it.
I don't think there is a single key for signing iOS. New keys can be generated. The device verifies the key is Apple's, it's not looking for a specific known key.
Also I think obstruction is broadly defined. Willfully destroying something necessary to obtain evidence most likely counts. Destroying things likely to be sought by a court, though not yet ordered to be produced, counts I believe. It all depends on the interpretation of phrases like "reasonably believed", "reasonably expected", etc. Conspiracy, all that takes is two people with access discussing the possibility of destroying the key and then one person taking an action. One person offered a deal of leniency in order to testify is likely since I would expect pretty harsh sentences, the court wanting to make examples of people involved. Again, in the eyes of the court the worst crime is that of defying the court.
When a court has ordered them to do so and they have lost all appeals.
Not enforceable... since Apple would not have authored the binary, they would have no guarantee that it might not be used to harm them... a court cannot rightfully order anyone or any company to do something that is self-destructive.
That would be surprising news to the millions drafted into the military under the penalty of court sanctions (imprisonment) for failing to report for induction.
(almost the *exact* same reason that Apple does not want to write the software themselves in the first place)
That's just PR/Legal spin. Apple can lock this alternate iOS to the single device in question. The FBI could not retarget this alternative iOS to another device for the same reason they cannot work around the passcode in the public iOS. Both versions of iOS are protected from tampering by the digital signature. Apple would have to receive a new court order for every retargeting.
Again, Apple does not have access to the keys. With the A7, Apple hardened the hardware from tampering; however, if Apple could access the keys in the A6, why the hell has no one proposed that as a solution to the FBI?
Once the valid passcode is entered iOS has access to the key, so brute forcing provides access to the key. On an A7 brute forcing can not be done because the delays are in hardware. On an A6 brute forcing can be done because the delays are in software and are therefore patchable. On a 5C modified firmware/iOS without delays effectively has access to the keys.
Your exact words were "Oh, and the 5C doesn't work that way, too old a hardware generation." And even if I assume you are correct how does this add to the fact that Apple could or could not unlock the phone?
A6 delays in software. A7 delays in hardware.
Your exact words: "Apple is only being asked to let the FBI past the passcode."
Removing the delay and auto wipe is how one gets past the passcode, brute forcing is getting past the passcode. Getting "past" something includes going straight through it.
You missed the important detail that encrypted data is not necessarily "strongly protected". The decryption key is stored on the device with only a weak passcode to protect it. This is weakly protected. When strongly protected the decryption key is not stored, it is regenerated as needed by prompting the user for a passphrase. This on-device storage of the decryption key compromises security, as we see with the FBI only needing to crack the passcode.
I don't know what you mean by "strongly" protected...
The algorithm and the number of bits in an encryption scheme are not the sole determinants of the "strength" of protection. The protection is also dependent upon the strength of the passphrase used to generate a key, or in the iPhone case the strength of the passcode used to gain access to the on-device copy of a key.
... What you didn't say is that the weakest point of the system is the passcode and not the keys.
I wrote: "The only thing standing between the phone automatically decrypting its data is the successful entry of a passcode, often only 4 digits. Apple is only being asked to let the FBI past the passcode. Data is only strongly protected by encryption when it is copied off of the device. While it is still on the device it is really only protected by the passcode entry delay and automatic wiping if there are too many failed passcode attempts."
The 5C does not have Secure Enclave, its processor is older than the A7.
Just because the 5C does not have an A7 processor with the Secure Enclave does not mean that it does not encrypt its files.
No one said the 5C lacks encryption, this conversation is about getting to encrypted files on a 5C after all. What is being said is that an earlier statement regarding iOS not having access to the device's key is incorrect. Part of the device's key is only hidden from iOS with Secure Enclave.
No, again you confuse the passcode with the encryption. The only thing standing between the phone automatically decrypting its data is the successful entry of a passcode, often only 4 digits.
I understand the difference but you don't appear to do so. The passcode unlocks the processor to use all the encryption keys which you just contradicted yourself in that if the passcode didn't "decrypt", what is there to decrypt?
No, you simply misunderstood what I said earlier, that Secure Enclave is required to hide parts of the key from iOS.
Also the passcode is now 6 digits as of iOS 7 which was shipped on the 5C.
No, Apple does not require 6 digits. 4 digits works too and many users are conditioned by previous experience to only use 4. Which is why I wrote "often only 4 digits".
Apple is only being asked to let the FBI past the passcode.
Um no. Please get the details right. The exact wording of the court order:
Did you read it? It describes the delay and autowipe that I mentioned elsewhere in the post.
Apple is being asked to create a new version of iOS with substantially weakened security features so that the FBI can brute-force attack the passcode which they cannot do with certain features in place.
Data is only strongly protected by encryption when it is copied off of the device.
Um no, the data is encrypted ON the device in flash with 256 bit keys.
You missed the important detail that encrypted data is not necessarily "strongly protected". The decryption key is stored on the device with only a weak passcode to protect it. This is weakly protected. When strongly protected the decryption key is not stored, it is regenerated as needed by prompting the user for a passphrase. This on-device storage of the decryption key compromises security, as we see with the FBI only needing to crack the passcode.
While it is still on the device it is really only protected by the passcode entry delay and automatic wiping if there are too many failed passcode attempts. Which is why the FBI wants only these removed.
You link the security paper but you haven't read the paper obviously. While it is not immediately obvious, the automatic wiping feature does not wipe out all the data as this may take too long on a device with lots of files. What is wiped is all the encryption keys making the files basically useless if copied.
No. You merely describe the implementation detail for wiping. Whether it is the pre-iOS 5 (?) re-writing of flash or the more modern destruction of the keys the process is still referred to as wiping, erasing, etc. See the judicial instructions you cite for an example.
The problem with slavery wasn't about compensation, it was about compulsion. There's a massive difference between a volunteer and a slave.
No. Compulsion is only one aspect of slavery. In addition to compulsion and lack of compensation there is also the inhuman treatment, the lifelong service, enslavement of one's children, the breakup of families, the ability to be murdered, etc.
Compulsion by lawful court order alone is not slavery. My father and millions of others were ordered to serve in the military, regardless of their desire to do so and whatever other plans they may have had. And there is something more familiar to millions today, being ordered to show up for jury duty.
Secondly, why on earth should Apple be expected to sign *any* binary that they did not author themselves?
When a court has ordered them to do so and they have lost all appeals.
Again, in such a scenario they would be morally obligated to make the changes themselves to ensure that the alternate iOS is locked to a specific device so that a new court order is required for each retargeting to a new device.
The "master key" is what Apple is being asked to create. Apple even uses that phrase: "it would be the equivalent of a master key, capable of opening hundreds of millions of locks"
The word you are missing is "equivalent".
No, apparently you missed my quotes around "master key".
This entire discussion is about the passcode, not the encryption key. Oh, and the 5C doesn't work that way, too old a hardware generation.
Which Apple does not have either. Er what? The 5C completely works that way. What the 5C does not have is certain features like TouchID.
No, from iOS Security Guide:
"For devices with an A7 or later A-series processor, the Secure Enclave coprocessor also utilizes a secure boot process that ensures its separate software is verified and signed by Apple... Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, entangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space.
Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key entangled with the UID and an anti-replay counter."
Apple's https://www.apple.com/business...
The 5C is based on the 5, not the 5S. Only the 5S has Secure Enclave.
No, they are being asked to defeat an old lock.
The old lock has multiple protections on it. The order by the court is to replace the old lock with a new lock with fewer protections.
No, again you confuse the passcode with the encryption. The only thing standing between the phone automatically decrypting its data is the successful entry of a passcode, often only 4 digits. Apple is only being asked to let the FBI past the passcode. Data is only strongly protected by encryption when it is copied off of the device. While it is still on the device it is really only protected by the passcode entry delay and automatic wiping if there are too many failed passcode attempts. Which is why the FBI wants only these removed.
An F/A-18 launches from aircraft carriers on auto (hands free). Various commercial jets can land automatically.
Takeoff is a "simple" thing compared to driving.
The difficult thing is taxiing, where it's more a problem of getting verbal clearance and instructions from the tower. But once you're on the runway with clearance... well then it's somewhat comparable to the F/A-18 catapult launch.
The lock is part of the door. The door, and its lock, are Apple's software. Apple is being asked for a master key that doesn't care about the tenant's pin setting inside the tumbler of the lock, the user's passcode on the phone.
There is no master key and there never was.
The "master key" is what Apple is being asked to create. Apple even uses that phrase:
"it would be the equivalent of a master key, capable of opening hundreds of millions of locks" http://www.apple.com/customer-...
Apple has set up its iOS so that it never knows the keys that the user has set.
This entire discussion is about the passcode, not the encryption key. Oh, and the 5C doesn't work that way, too old a hardware generation.
What Apple is being asked to do is to create a new lock...
There are plenty of computers in use (a lot of the better ones are running Linux or an RTOS and hell, even Windows NT/CE/XP) that people trust their lives to implicitly on a daily basis in a lot more delicate situations than driving a car. Commercial planes do most of the flying fully autonomous, most of both your debt and savings is being invested fully automated, any machine in a hospital parses a lot more data than a few dozen sensors and requires much more precision.
Driving is a far more difficult problem than auto landing, auto pilot and auto takeoff on an airplane.
So if one vendor's software passes a driving test let it also share all the driver's license "points" accumulated by all the autonomous vehicles. So if it makes too many mistakes or gets into too many accidents it looses its license. Again, not an individual car, all cars running the vendor's software.
The lock is part of the door. The door, and its lock, are Apple's software. Apple is being asked for a master key that doesn't care about the tenant's pin setting inside the tumbler of the lock, the user's passcode on the phone.
FWIW, it's not my analogy. I'm just saying the argument(s) made against it were flawed.
The alternate iOS that bypasses the passcode delay and auto wipe could be locked to the single device in question...
The real problem is that this is not a one-time event. If one court can do it then any court can do it.
Could be... but it is nothing less than utter naivety or willful ignorance that could make anyone think that the FBI will not turn around and ask for another phone to be unlocked 10 minutes after Apple were to unlock this one....
You read that second line above?:-)
... and to make the software in such a way that it would not be possible to modify it to work on any device *IS* impossible.
The device locking can not be tampered with. It would require Apple to re-sign the binaries if the device ID is changed. The point of Apple doing the work is to at least ensure there will be a new court order when a new device is targeted. If the FBI makes the changes and Apple merely signs an FBI produced binary then there will be no device locking and this version could be used without judicial oversight. **If** we have to go down that path Apple must make the changes to ensure the device locking.
Actually the landlord / door analogy works well. Apple is not being asked to break the encryption, they are being asked to bypass the passcode. The passcode is very low tech and analogous to a door that allows entry.
I disagree as the landlord analogy implies that Apple owns the property (the phone) and is not a 3rd party to the situation.
Apple owns the software, we just license it. What is being asked for is a change to the software.
Even if the original binaries they hand the FBI are locked to that particular iphone there is no reason to believe the FBI won't eventually reverse engineer that lock so they can use it on all iphones of the same generation.
The FBI can no more tamper with the device lockdown in an alternate iOS than they can tamper with the passcode functionality in public iOS. Both are protected by the same digital signature that will break if tampering is performed. The hardware will not run an iOS that does not have a valid digital signature.
Apple would need to re-sign iOS every time the device ID is changed, and that would ensure a new court order every time. Which is why **if** we have to go down this path Apple should make the changes and not merely sign FBI produced code. FBI produced code would not include any device lockdown, only Apple produced code would.
Except what the DOJ is requesting the court to force upon Apple under the All Writs Act is an unprecedented interpretation of that law which has no discernible limits. This is the dividing line between a police state and a republic.
It's unprecedented because it's a new situation brought about by new technology. Unprecedented is a normal thing, it happened all the time over the course of US history. Tapping a telegraph cable was once an unprecedented thing. Tapping an analog phone line was once an unprecedented thing. There is nothing un-republic about this situation. It's going through a quite vigorous legal process with appeals and both sides well and competently represented, actually I'd favor Apple in this sense, one more bit of republic evidence. Maybe we'll need additional legislation to compel Apple to provide this technical assistance. Still, all very much a republic. Even republics can compel people to do things they do not want to do. It's all about legislative authority and judicial review, and the legislators and judges being directly or indirectly selected by the electorate.
Slavery is also likely a very poor analogy. If Apple has to spend the month they estimated they are probably entitled to be reimbursed for their costs.
Good ol' freedom of the USA right here. As long as the Commissar gives you some pennies for your forced labor, it's not *really* slavery.
Technically "USA Freedom" has never been about being immune from government orders except in very specific conditions. In general it's always been about government orders being required to go through some process under judicial review. The founding fathers were not anarchists. They merely wanted the rules to be written by an elected legislature and government's coercive powers to be subject to judicial oversight and in certain narrow circumstances limited by the Constitution. From the moment the founding fathers transitioned from revolutionaries to "the government" they embraced the coercive powers of government. Actually, they also did so as revolutionaries. Commandeering property during the revolution and reimbursing the owners with "scrip" that would be worthless if the revolution failed.
And before you get all Constitutional keep in mind that the owner of the phone has given the FBI their approval to search it. The phone is owned by the employer not the murderer. Hopefully that detail limits this case in terms of it being a precedent.
Put in the backdoor, but make it only work for the next month or so.
It's far simpler than that. The passcode workaround can be locked to the single device in question. The real problem is that if one court can order this technical assistance then any court could also do so.
This is much more involved than that because cracking that one safe at least wouldn't crack every other safe of that type on the planet.
No. The "crack" can be locked down to the one particular device in question. This device lock down can not be tampered with, just like the passcode functionality can not be tampered with, all code is protected by the digital signature.
The problem is that if one judge can compel such technical assistance then any judge can. It's not a one-time thing, but a new court order would be required for each instance.
Both options would've sounded fantastical to the framers of the Constitution, but they are quite analogous to, for example, demanding a landlord's cooperation in opening up a tenant's apartment, or a bank required to open up a customer's safe deposit box.
Only if that key opens up EVERY customer's safe deposit box.
It doesn't. The alternate iOS that bypasses the passcode delay and auto wipe could be locked to the single device in question. The FBI could no more change the device lock than they could alter the passcode functionality. Tampering is prevented by the digital signature, both public iOS and this FBI iOS.
The real problem is that this is not a one-time event. If one court can do it then any court can do it.
Actually the landlord / door analogy works well. Apple is not being asked to break the encryption, they are being asked to bypass the passcode. The passcode is very low tech and analogous to a door that allows entry.
Slavery is also likely a very poor analogy. If Apple has to spend the month they estimated they are probably entitled to be reimbursed for their costs.
It is also technically incorrect that the alternate iOS that works around the passcode delay and auto wipe functionality is a mass surveillance tool. Apple could easily lock this alternate iOS to the single device in question. The FBI could no more change the embedded UDID used in such device locking than they could change the public iOS they now have, public and alternate iOS are protected from tampering by the digital signature.
The meme of this alternate iOS being applied to all phones is PR/Legal spin, it's Apple framing the discussion in the most favorable light.
The only real issue is that if Apple can be forced to do this by one court then any court can also do this. The government's argument that this is a one-time thing is completely bogus. The FBI can not place any such limitation on any judge who may want an iOS device unlocked.
I don't think the 4th amendment is involved. The owner of the phone is not the murderer, it's the employer. This owner has given the FBI permission to search the phone.
They would need to start a service where the phone and a warrant to unlock it is sent to them, the modified firmware is loaded in a lab, and then the contents are shipped back to the law enforcement organization. They would not need to load a master key into the OS that's shipped to everyone else. Apple doesn't want to do any of that because it's going to be a significant expense once they start doing it.
Actually I'd expect Apple to have the modified firmware that is restricted to running on a single targeted device sitting on a signing server. When an Apple lawyer gets a court order an email is sent to an Apple engineer. The Apple engineer submits a job with the device UDID number to the signing server. The signing server updates the target device UDID embedded into its master copy of the firmware, signs it, and sends the binary to the Apple engineer who then forwards it to the lawyer who in turn forwards it to the respective agency. In other words it would be an automated process and Apple could probably bill for the time of its lawyer and engineer. The FBI can install the signed firmware themselves.
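The device-locking claim argued in the comments above, as an added example that is not part of the thread and is not Apple's code: a signature that covers both the firmware and one device ID, so that editing either one fails verification and only the key holder can retarget the build. Ed25519, the manifest layout, the device ID strings and every function name here are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedImage is a hypothetical container. The signature covers the firmware
// digest AND the single device ID the build is allowed to run on.
type SignedImage struct {
	Firmware []byte
	DeviceID string // constructed placeholder, not a real UDID
	Sig      []byte
}

var (
	ErrBadSignature = errors.New("signature does not cover this firmware and device ID")
	ErrWrongDevice  = errors.New("image is validly signed, but for a different device")
)

// signedBytes builds the exact byte string that is signed and verified.
// The length prefix keeps the device ID / digest boundary unambiguous.
func signedBytes(firmware []byte, deviceID string) []byte {
	digest := sha256.Sum256(firmware)
	msg := []byte("fw-manifest-v1")
	msg = append(msg, byte(len(deviceID)>>8), byte(len(deviceID)))
	msg = append(msg, deviceID...)
	return append(msg, digest[:]...)
}

// SignForDevice plays the signing server: only the private-key holder can
// produce an image bound to a given device.
func SignForDevice(priv ed25519.PrivateKey, firmware []byte, deviceID string) SignedImage {
	return SignedImage{
		Firmware: firmware,
		DeviceID: deviceID,
		Sig:      ed25519.Sign(priv, signedBytes(firmware, deviceID)),
	}
}

// BootCheck plays the device: verify the signature first, then compare the
// signed device ID with the device's own ID.
func BootCheck(pub ed25519.PublicKey, img SignedImage, thisDevice string) error {
	if !ed25519.Verify(pub, signedBytes(img.Firmware, img.DeviceID), img.Sig) {
		return ErrBadSignature
	}
	if img.DeviceID != thisDevice {
		return ErrWrongDevice
	}
	return nil
}

// RunScenarios returns the boot-check result for five constructed cases.
func RunScenarios() []error {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	const deviceA, deviceB = "DEVICE-A-0001", "DEVICE-B-0002" // constructed IDs
	firmware := []byte("constructed firmware payload")

	img := SignForDevice(priv, firmware, deviceA)

	// Device ID field rewritten without access to the signing key.
	edited := img
	edited.DeviceID = deviceB

	// One firmware byte changed, signature left as issued.
	patched := img
	patched.Firmware = append([]byte(nil), img.Firmware...)
	patched.Firmware[0] ^= 0xff

	// Retargeting done properly: a fresh signature from the key holder.
	reissued := SignForDevice(priv, firmware, deviceB)

	return []error{
		BootCheck(pub, img, deviceA),      // 0: intended device
		BootCheck(pub, img, deviceB),      // 1: same image, other device
		BootCheck(pub, edited, deviceB),   // 2: ID edited, not re-signed
		BootCheck(pub, patched, deviceA),  // 3: firmware patched
		BootCheck(pub, reissued, deviceB), // 4: re-signed for other device
	}
}

func main() {
	labels := []string{
		"signed for A, booted on A",
		"signed for A, booted on B",
		"ID edited to B, booted on B",
		"firmware patched, booted on A",
		"re-signed for B, booted on B",
	}
	for i, err := range RunScenarios() {
		fmt.Printf("%-32s -> %v\n", labels[i], err)
	}
}
```

The binding holds only while the signing key stays with the signer and the verifier checks the device ID from inside the signed bytes; a check against an unsigned field would not give this property.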
The 5C does not have Secure Enclave, its processor is older than the A7:
"Chip
* A6 chip"
https://support.apple.com/kb/S...
The 5C is based on the 5, not the 5S. Only the 5S has Secure Enclave.
No, they are being asked to defeat an old lock.
The old lock has multiple protections on it. The order by the court is to replace the old lock with a new lock with fewer protections.
No, again you confuse the passcode with the encryption. The only thing standing between the phone automatically decrypting its data is the successful entry of a passcode, often only 4 digits. Apple is only being asked to let the FBI past the passcode. Data is only strongly protected by encryption when it is copied off of the device. While it is still on the device it is really only protected by the passcode entry delay and automatic wiping if there are too many failed passcode attempts. Which is why the FBI wants only these removed.
pilots land and take off manually.
An F/A-18 launches from aircraft carriers on auto (hands free). Various commercial jets can land automatically.
... well then it's somewhat comparable to the F/A-18 catapult launch.
Takeoff is a "simple" thing compared to driving.
The difficult thing is taxiing, where it's more a problem of getting verbal clearance and instructions from the tower. But once you're on the runway with clearance
"So if it makes too many mistakes or gets into too many accidents it looses its license."
You now have one point on your spelling license.
Nope, I am an unlicensed poster. :-)
The lock is part of the door. The door, and its lock, are Apple's software. Apple is being asked for a master key that doesn't care about the tenant's pin setting inside the tumbler of the lock, the user's passcode on the phone.
There is no master key and there never was.
The "master key" is what Apple is being asked to create. Apple even uses that phrase:
"it would be the equivalent of a master key, capable of opening hundreds of millions of locks"
http://www.apple.com/customer-...
Apple has set up its iOS so that it never knows the keys that the user has set.
This entire discussion is about the passcode, not the encryption key. Oh, and the 5C doesn't work that way, too old a hardware generation.
What Apple is being asked to do is to create a new lock ...
No, they are being asked to defeat an old lock.
There are plenty of computers in use (a lot of the better ones are running Linux or an RTOS and hell, even Windows NT/CE/XP) that people trust their lives to implicitly on a daily basis in a lot more delicate situations than driving a car. Commercial planes do most of the flying fully autonomous, most of both your debt and savings is being invested fully automated, any machine in a hospital parses a lot more data than a few dozen sensors and requires much more precision.
Driving is a far more difficult problem than auto landing, auto pilot and auto takeoff on an airplane.
So if one vendor's software passes a driving test let it also share all the driver's license "points" accumulated by all the autonomous vehicles. So if it makes too many mistakes or gets into too many accidents it looses its license. Again, not an individual car, all cars running the vendor's software.
The lock is part of the door. The door, and its lock, are Apple's software. Apple is being asked for a master key that doesn't care about the tenant's pin setting inside the tumbler of the lock, the user's passcode on the phone.
FWIW, it's not my analogy. I'm just saying the argument(s) made against it were flawed.
The alternate iOS that bypasses the passcode delay and auto wipe could be locked to the single device in question ...
The real problem is that this is not a one-time event. If one court can do it then any court can do it.
Could be... but it is nothing less than utter naivety or willful ignorance that could make anyone think that the FBI will not turn around and ask for another phone to be unlocked 10 minutes after Apple were to unlock this one....
You read that second line above? :-)
... and to make the software in such a way that it would not be possible to modify it to work on any device *IS* impossible.
The device locking can not be tampered with. It would require Apple to re-sign the binaries if the device ID is changed. The point of Apple doing the work is to at least ensure there will be a new court order when a new device is targeted. If the FBI makes the changes and Apple merely signs an FBI-produced binary then there will be no device locking and this version could be used without judicial oversight. **If** we have to go down that path Apple must make the changes to ensure the device locking.
You didn't read my last paragraph did you? :-)
Actually the landlord / door analogy works well. Apple is not being asked to break the encryption, they are being asked to bypass the passcode. The passcode is very low tech and analogous to a door that allows entry.
I disagree as the landlord analogy implies that Apple owns the property (the phone) and is not a 3rd party to the situation.
Apple owns the software, we just license it. What is being asked for is a change to the software.
Even if the original binaries they hand the FBI are locked to that particular iPhone there is no reason to believe the FBI won't eventually reverse engineer that lock so they can use it on all iPhones of the same generation.
The FBI can no more tamper with the device lockdown in an alternate iOS than they can tamper with the passcode functionality in public iOS. Both are protected by the same digital signature that will break if tampering is performed. The hardware will not run an iOS that does not have a valid digital signature.
Apple would need to re-sign iOS every time the device ID is changed, and that would ensure a new court order every time. Which is why **if** we have to go down this path Apple should make the changes and not merely sign FBI-produced code. FBI-produced code would not include any device lockdown, only Apple-produced code would.
Except what the DOJ is requesting the court to force upon Apple under the All Writs Act is an unprecedented interpretation of that law which has no discernible limits. This is the dividing line between a police state and a republic.
It's unprecedented because it's a new situation brought about by new technology. Unprecedented is a normal thing, it happened all the time over the course of US history. Tapping a telegraph cable was once an unprecedented thing. Tapping an analog phone line was once an unprecedented thing. There is nothing un-republic about this situation. It's going through a quite vigorous legal process with appeals and both sides well and competently represented, actually I'd favor Apple in this sense, one more bit of republic evidence. Maybe we'll need additional legislation to compel Apple to provide this technical assistance. Still, all very much a republic. Even republics can compel people to do things they do not want to do. It's all about legislative authority and judicial review, and the legislators and judges being directly or indirectly selected by the electorate.
Slavery is also likely a very poor analogy. If Apple has to spend the month they estimated they are probably entitled to be reimbursed for their costs.
Good ol' freedom of the USA right here. As long as the Commissar gives you some pennies for your forced labor, it's not *really* slavery.
Technically "USA Freedom" has never been about being immune from government orders except in very specific conditions. In general it's always been about government orders being required to go through some process under judicial review. The founding fathers were not anarchists. They merely wanted the rules to be written by an elected legislature and government's coercive powers to be subject to judicial oversight and in certain narrow circumstances limited by the Constitution. From the moment the founding fathers transitioned from revolutionaries to "the government" they embraced the coercive powers of government. Actually, they also did so as revolutionaries. Commandeering property during the revolution and reimbursing the owners with "scrip" that would be worthless if the revolution failed.
And before you get all Constitutional keep in mind that the owner of the phone has given the FBI their approval to search it. The phone is owned by the employer not the murderer. Hopefully that detail limits this case in terms of it being a precedent.
Put in the backdoor, but make it only work for the next month or so.
It's far simpler than that. The passcode workaround can be locked to the single device in question. The real problem is that if one court can order this technical assistance then any court could also do so.
This is much more involved than that because cracking that one safe at least wouldn't crack every other safe of that type on the planet.
No. The "crack" can be locked down to the one particular device in question. This device lock down can not be tampered with, just like the passcode functionality can not be tampered with, all code is protected by the digital signature.
The problem is that if one judge can compel such technical assistance then any judge can. It's not a one-time thing, but a new court order would be required for each instance.
Only if that key opens up EVERY customer's safe deposit box.
It doesn't. The alternate iOS that bypasses the passcode delay and auto wipe could be locked to the single device in question. The FBI could no more change the device lock than they could alter the passcode functionality. Tampering is prevented by the digital signature, both public iOS and this FBI iOS.
The real problem is that this is not a one-time event. If one court can do it then any court can do it.
Actually the landlord / door analogy works well. Apple is not being asked to break the encryption, they are being asked to bypass the passcode. The passcode is very low tech and analogous to a door that allows entry.
Slavery is also likely a very poor analogy. If Apple has to spend the month they estimated they are probably entitled to be reimbursed for their costs.
It is also technically incorrect that the alternate iOS that works around the passcode delay and auto wipe functionality is a mass surveillance tool. Apple could easily lock this alternate iOS to the single device in question. The FBI could no more change the embedded UDID used in such device locking than they could change the public iOS they now have, public and alternate iOS are protected from tampering by the digital signature.
The meme of this alternate iOS being applied to all phones is PR/Legal spin, it's Apple framing the discussion in the most favorable light.
The only real issue is that if Apple can be forced to do this by one court then any court can also do this. The government's argument that this is a one-time thing is completely bogus. The FBI can not place any such limitation on any judge who may want an iOS device unlocked.
I don't think the 4th amendment is involved. The owner of the phone is not the murderer, it's the employer. This owner has given the FBI permission to search the phone.
And to somehow install an OS update on a locked device?
Firmware can be rewritten so things behave differently on powerup.
They would need to start a service where the phone and a warrant to unlock it are sent to them, the modified firmware is loaded in a lab, and then the contents are shipped back to the law enforcement organization. They would not need to load a master key into the OS that's shipped to everyone else. Apple doesn't want to do any of that because it's going to be a significant expense once they start doing it.
Actually I'd expect Apple to have the modified firmware that is restricted to running on a single targeted device sitting on a signing server. When an Apple lawyer gets a court order an email is sent to an Apple engineer. The Apple engineer submits a job with the device UDID number to the signing server. The signing server updates the target device UDID embedded into its master copy of the firmware, signs it, and sends the binary to the Apple engineer who then forwards it to the lawyer who in turn forwards it to the respective agency. In other words it would be an automated process and Apple could probably bill for the time of its lawyer and engineer. The FBI can install the signed firmware themselves.
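The device-locking argument made in the comments above (an image with the target device ID embedded, signed by the vendor, and rejected if the ID is edited afterwards) can be sketched as follows. This is an added illustration, not part of the thread and not Apple's code or format: the `TARGET=` header, the device IDs and the toy textbook-RSA key built from two public Mersenne primes are all assumptions standing in for a real signing scheme.

```python
import hashlib

# Toy textbook-RSA key from two public Mersenne primes. NOT secure: it only
# stands in for the vendor's real signing key (assumption for this example).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key, known to every device
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, signing server only

def _digest(image: bytes) -> int:
    return int.from_bytes(hashlib.sha256(image).digest(), "big")

def build_image(code: bytes, target_id: str) -> bytes:
    """Firmware image whose signed bytes include the target device ID."""
    return b"TARGET=" + target_id.encode() + b"\n" + code

def sign(image: bytes) -> int:
    """Signing-server side: needs the private exponent D."""
    return pow(_digest(image), D, N)

def device_boot(image: bytes, signature: int, my_id: str) -> str:
    """Device side: holds only the public key (N, E) and its own ID."""
    if pow(signature, E, N) != _digest(image):
        return "reject: bad signature"
    header, _, _ = image.partition(b"\n")
    if header != b"TARGET=" + my_id.encode():
        return "reject: wrong device"
    return "boot"

# Constructed sample data: one signed image targeted at DEVICE-A.
CODE = b"<alternate firmware bytes>"
IMAGE_A = build_image(CODE, "DEVICE-A")
SIG_A = sign(IMAGE_A)

def demo() -> dict:
    edited = IMAGE_A.replace(b"DEVICE-A", b"DEVICE-B")  # ID changed after signing
    image_b = build_image(CODE, "DEVICE-B")             # needs a fresh signature
    return {
        "intended device": device_boot(IMAGE_A, SIG_A, "DEVICE-A"),
        "same image, other device": device_boot(IMAGE_A, SIG_A, "DEVICE-B"),
        "edited ID, old signature": device_boot(edited, SIG_A, "DEVICE-B"),
        "re-signed for other device": device_boot(image_b, sign(image_b), "DEVICE-B"),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The only path that boots on a second device is the one that goes back through `sign`, which is the step the comments tie to a new court order.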